diff options
author | sefidel <contact@sefidel.net> | 2023-02-02 18:48:45 +0900 |
---|---|---|
committer | sefidel <contact@sefidel.net> | 2023-02-02 18:58:09 +0900 |
commit | 68e5d83b0b379fdca677cbd3221fa05fe5ec268f (patch) | |
tree | 9cf212cedc1b36da8366331581dc156efd39e559 /colmena/cobalt/services/soju.nix | |
parent | c551a417940f9c66b4346c5813c2550f06269380 (diff) | |
download | nixrc-68e5d83b0b379fdca677cbd3221fa05fe5ec268f.tar.gz nixrc-68e5d83b0b379fdca677cbd3221fa05fe5ec268f.zip |
feat(colmena/cobalt): configure soju & acme
Diffstat (limited to 'colmena/cobalt/services/soju.nix')
-rw-r--r-- | colmena/cobalt/services/soju.nix | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/colmena/cobalt/services/soju.nix b/colmena/cobalt/services/soju.nix new file mode 100644 index 0000000..3e1e3fe --- /dev/null +++ b/colmena/cobalt/services/soju.nix @@ -0,0 +1,27 @@ +{ + services.soju = { + enable = true; + extraGroups = [ "acme" ]; + hostName = "bouncer.sefidel.com"; + listen = [ + # ":6697" + "ircs://bouncer.sefidel.com:6697" + ]; + tlsCertificate = "/var/lib/acme/sefidel.com/cert.pem"; + tlsCertificateKey = "/var/lib/acme/sefidel.com/key.pem"; + }; + + networking.firewall.allowedTCPPorts = [ 6697 ]; + + environment.persistence."/persist".directories = [ + "/var/lib/private/soju" + ]; + + # TODO: remove this once merged + disabledModules = [ "services/networking/soju.nix" ]; + + imports = [ + ./acme.nix + ../overlays/soju.nix + ]; +} |